feat: code quality audit + autoresearch integration + infra hardening (#150)

tests/security/test_xss_vulnerabilities.py

@@ -1,12 +1,16 @@
+import html
+
 import pytest
 from fastapi.testclient import TestClient
+
 from dashboard.app import app
-import html
+
 
 @pytest.fixture
 def client():
     return TestClient(app)
 
+
 def test_health_status_xss_vulnerability(client, monkeypatch):
     """Verify that the health status page escapes the model name."""
     malicious_model = '"><script>alert("XSS")</script>'
@@ -19,6 +23,7 @@ def test_health_status_xss_vulnerability(client, monkeypatch):
     assert escaped_model in response.text
     assert malicious_model not in response.text
 
+
 def test_grok_toggle_xss_vulnerability(client, monkeypatch):
     """Verify that the grok toggle card escapes the model name."""
     malicious_model = '"><img src=x onerror=alert(1)>'